Home Depot hacked: 64,000 Canadian e-mails stolen

Home Depot Inc., which suffered a data breach between April and September, said 53 million e-mail addresses were taken by hackers during the attack, in addition to the 56 million payment cards that were previously disclosed. 64,000 of the total accounts breached are from Canada, according to Home Depot in a statement to BNN.

Home Depot also said Thursday that the criminals used a third-party vendor’s user name and password to reach the perimeter of its network, then gained additional rights to navigate the company’s systems. Hackers used custom-built software on Home Depot’s self-checkout terminals in the U.S. and Canada to access customer data, according to a statement.

“Customers should be on guard against phishing scams, which are designed to trick customers into providing personal information in response to phony e-mails,” the Atlanta-based company said.

Home Depot, which first acknowledged the attack in September, has become one of the biggest victims of hackers’ war on retailers. The world’s largest home-improvement chain has said it expects to pay about $62-million (U.S.) this year to recover from the incursion, including additional costs for call-center staffing and legal expenses. Insurance will cover $27-million of that tab, the company said.